BobStuckley-0930 asked piaudonn commented

ADFS Sign-in Only for Some Users

I recently set up an ADFS farm, and I am testing a few user accounts to see if they can sign into /adfs/ls/IdpInitiatedSignon.aspx. Some accounts work fine; others, however, exhibit the following behavior:

  • Signing in with a wrong username/password results in an error message indicating the username/password is incorrect.

  • Signing in with correct username/password results in a page refresh and the sign-in form is displayed. There is no error message; simply a page refresh and the sign-in form.

In the Security event log, there are three events related to the sign-in. They are as follows (in arrival order):

Event 4648 - A logon was attempted using explicit credentials.
Event 4624 - An account was successfully logged on.
Event 4625 - An account failed to log on (Failure reason: Unknown user name or bad password)

I'm at a loss as to why this is happening for only certain users. Any help you can provide is appreciated.

adfs

So you get the same series of events for working users and non-working users?
Are you sure of the error code and subcode of the event 4625? 4625 can also be the sign of a privilege issue. Maybe you can copy and paste the content of the 4625 here.


0 Answers
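
The comment above asks for the error code and subcode of event 4625; in the event's XML these are the `Status` and `SubStatus` fields. The following is an added example, not code from either poster: it reads those fields from a 4625 event and maps them to their NTSTATUS meaning. The helper name `ConvertFrom-Logon4625Xml`, the lookup table and the sample event are assumptions constructed for illustration; the sample values are not taken from the question.

```powershell
# NTSTATUS values commonly seen in the Status / SubStatus fields of event 4625.
$NtStatus = @{
    '0xc000006d' = 'Bad user name or authentication information'
    '0xc0000064' = 'User name does not exist'
    '0xc000006a' = 'User name is correct but the password is wrong'
    '0xc000015b' = 'User has not been granted the requested logon type on this machine'
    '0xc0000072' = 'Account is disabled'
    '0xc0000234' = 'Account is locked out'
    '0xc0000071' = 'Password has expired'
    '0xc0000224' = 'User must change password at next logon'
    '0xc0000193' = 'Account has expired'
}

function ConvertFrom-Logon4625Xml {   # hypothetical helper name
    param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
    process {
        $evt = ([xml]$EventXml).Event
        # EventData is a list of <Data Name="...">value</Data>; index it by name.
        $d = @{}
        foreach ($n in $evt.EventData.Data) { $d[$n.Name] = $n.'#text' }
        [pscustomobject]@{
            TimeCreated   = $evt.System.TimeCreated.SystemTime
            Account       = '{0}\{1}' -f $d['TargetDomainName'], $d['TargetUserName']
            LogonType     = $d['LogonType']
            Status        = $d['Status']
            StatusText    = $NtStatus[[string]$d['Status']]      # empty if not in table
            SubStatus     = $d['SubStatus']
            SubStatusText = $NtStatus[[string]$d['SubStatus']]   # empty if not in table
        }
    }
}

# Constructed sample event (not taken from the question).
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4625</EventID><TimeCreated SystemTime="2021-01-01T00:00:00.000Z" /></System>
  <EventData>
    <Data Name="TargetUserName">testuser</Data>
    <Data Name="TargetDomainName">CONTOSO</Data>
    <Data Name="Status">0xc000015b</Data>
    <Data Name="SubStatus">0x0</Data>
    <Data Name="LogonType">3</Data>
  </EventData>
</Event>
'@
$sample | ConvertFrom-Logon4625Xml | Format-List
# Live use on the AD FS server (elevated prompt):
# Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4625} -MaxEvents 20 |
#     ForEach-Object { $_.ToXml() } | ConvertFrom-Logon4625Xml
```

Running the same pipeline for a working and a non-working account and comparing `Status`, `SubStatus` and `LogonType` side by side answers both of the commenter's questions at once.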